Phone Cryptojacking Cases Spiral Out of Control in Japan

As Japan sees a widespread adoption of cryptocurrencies, cybersecurity threats in the face of ‘cryptojacking’ are also spiraling out of control. With more than 130,000 incidents in the three months through December 2017, the cases have increased with roughly about 175 times.

Japan is rapidly becoming a hot spot for the crypto field, with corporate giants such as Yahoo! Japan and Monex Group already stepping in. However, the surge of popularity is also paving the way for an increase in a particular breed of hack known as ‘cryptojacking’.

A Lurking Threat

Cryptojacking is no news in the field and the last quarter of 2017 and the crypto-craze that it marked seemed to have catalyzed its potency. On a global scale, we saw 8,500% increase during 2017, but it seems that Japan itself is quickly topping the charts with over 175 times more recorded cases at the end of 2017 compared to January-March the same year.

And, while stealing computational power from PCs has been the standard, cybercriminals seem to be getting crafty and their also targeting smartphones. There are two distinct ways your device’s computational power might get hijacked.

The first one is through the spread of malicious software through emails as well as other online means. This malware would then siphon your device’s processing power in order to facilitate cryptocurrency mining.

The second one involves a popular script called Coinhive. It emerged back in September 2017 and cryptojacking cases have rampantly increased ever since according to Katsuyuki Okamoto – a security evangelist at a cybersecurity firm called Trend Macro. The way it works is fairly simple – when you visit a troubled website, your browser will load the Coinhive script automatically, allowing it to tap into your device’s processing power and begin mining Monero.

Monero – The Preferred Digital Currency for Hackers

As stated above, Coinhive’s script is set to facilitate the mining of Monero. The reasons for this are explained by IBM Japan’s Security Operations Center chief analyst Hideki Inomata:

Unlike other cryptocurrencies, Monero is easier to mine, even with relatively low-performance terminals. […] This gives hackers an incentive to target the typical computer or smartphone user, rather than more sophisticated and heavily guarded systems.

Even though certain anti-virus programs might detect scripts like Coinhive and block them out, it becomes much more challenging to deal with the problem once the device has already been infected. Hackers are notoriously resourceful in their ability to circumvent all kinds of intercepting methods, as Toshia Nawa, a senior security analyst at the Cyber Defense Institute of Tokyo points out:

Certain types of malware are sophisticated enough to mine digital coins only while users are not typing, so users are often unaware that their computers are infected.

The Importance of Protection

Scripts for computational power theft for coin mining don’t necessarily pose an imminent threat to the personal data of the user of the infected device. However, taking measures is crucial, according to Hiroaki Takiguchi of Symantec, who warns that “a program that was designed for coin mining could be turned into something else by criminals.”

The long and short of it is this – be aware of how your device is performing. If you suddenly start experiencing sluggish performance on your brand new iPhone, it might not be Apple deliberately chopping down its capabilities – it could very well be an indicator that someone is using its power to mine Monero or some other cryptocurrency.